Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,193
Erlang
25
GitHub Actions
39
Go
2,385
Maven
3,027
npm
3,078
NuGet
529
pip
2,897
Pub
5
RubyGems
442
Rust
905
Swift
20
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

55,021 advisories

Loading
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2022-3841 was published Jan 13, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... High Unreviewed
CVE-2017-16294 was published Jan 12, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15643 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15645 was published May 24, 2022
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly... High Unreviewed
CVE-2020-14349 was published May 24, 2022
The Anti-Malware Security and Brute-Force Firewall WordPress plugin through 4.21.85 is prone to a... High Unreviewed
CVE-2022-4327 was published Jan 16, 2023
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can... High Unreviewed
CVE-2019-13605 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal... High Unreviewed
CVE-2019-13359 was published May 24, 2022
Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of... High Unreviewed
CVE-2022-3087 was published Jan 17, 2023
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning... High Unreviewed
CVE-2020-36611 was published Jan 17, 2023
CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having... High Unreviewed
CVE-2023-22366 was published Jan 17, 2023
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non... High Unreviewed
CVE-2022-46891 was published Jan 17, 2023
Tiki before 24.1, when the Spreadsheets feature is enabled, allows lib/sheet/grid.php PHP Object... High Unreviewed
CVE-2023-22850 was published Jan 14, 2023
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. High Unreviewed
CVE-2023-0358 was published Jan 18, 2023
An unauthorized user could possibly delete any file on the system. High Unreviewed
CVE-2022-46331 was published Jan 18, 2023
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An... High Unreviewed
CVE-2022-34456 was published Jan 18, 2023
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before... High Unreviewed
CVE-2016-4222 was published May 14, 2022
ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can... High Unreviewed
CVE-2022-47745 was published Jan 19, 2023
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based... High Unreviewed
CVE-2022-23850 was published Jan 24, 2022
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)... High Unreviewed
CVE-2021-33118 was published Nov 18, 2021
Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and... High Unreviewed
CVE-2021-20861 was published Dec 2, 2021
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted... High Unreviewed
CVE-2021-20050 was published Dec 24, 2021
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40413 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40414 was published Jan 29, 2022
A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,... High Unreviewed
CVE-2022-22150 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database